INFORMATION ABOUT GENERAL DATA PROTECTION REGULATION (GDPR)
1.Controller’s identity and contact details
1.1 The controller of GDPR compliance is PINYA ltd., based in Tuřanka 1222/115, 602 00 Brno – Slatina, company registration number 293 129 22, registered in the company register kept by the Regional Court in Brno, section C, entry 73455.
1.2 Controller’s contact details: delivery address: Tuřanka 1222/115, 602 00 Brno – Slatina, email address email@example.com, phone +420 734 558 090.
1.3 The controller did not commission any representative for GDPR compliance.
2. Legal framework
2.1 The objective of the legal framework of processing your personal data is the fact that this processing is necessary for:
a. the performance of the contract between you and the controller or adopting measures by the controller before entering into such contract pursuant to Article 6, paragraph 1, letter b) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as “regulation“);
b. the performance of legal duties related to the controller pursuant to Article 6, paragraph 1, letter c) of the regulation, particularly the performance of duties assigned to the controller by generally applicable legal acts, especially Act No. 235/2004 Coll. for VAT payers, as subsequently amended Act. No. 586/1992 Coll. for income tax, as subsequently amended Act. No. 262/2006 Coll., Labour Code, as subsequently amended, and Act. No.563/1991 Coll., for accounting as subsequently amended.
3. The purpose of data processing
3.1 The purpose of data processing is the performance of the contract between you and the controller or adopting measures by the controller before entering into such a contract and the performance of related generally applicable legal acts by the controller.
3.2 On the part of the controller there shall be no automated individual decision-making, pursuant to Article 22 of the regulation.
4. The period of personal data storage
4.1 Your personal data are processed for the duration of the negotiation period and, in case of signing the contract, for the duration of legal effects and duties as required by the contract, and further for the duration necessary for the purposes of archiving in accordance with generally binding legal regulations, no longer than for the period set by the general legal binding regulations.
5. Other recipients of personal data
5.1 Other recipients of your personal data are persons providing the controller with accounting services, IT hosting and software providers, providers of mail and delivery services, other third parties who perform duties such as a processor of personal data with whom the controller has concluded a contract.
5.2 Recipients of your personal data for the purpose of performing duties corresponding to legal regulations may further be bodies of Revenue authorities or other relevant offices in cases when they oblige controllers to execute generally binding legal regulations.
5.3 Controller does not intend to transfer your personal data to a third country (a country outside the EU) or to an international organisation.
6. Your rights
6.1 Based on the conditions set in the regulation, you have the right to request and obtain access to rectify or erase personal data and exercise the right to limit or object to their processing, and the right to data portability.
6.2 Where a data subject considers his or her rights under this Regulation to have been infringed, he or she should have the right to lodge a complaint on his or her behalf with a supervisory authority.
6.3 You are under no obligation to provide personal data. Providing your personal data is necessary for the negotiation of the contract, concluding, and performing the contract. Without your personal data it is not possible to conclude the contract or for the controller to perform it.